“We are working to resolve this as soon as possible,” Argeweb’s parent company Yourhosting wrote on itsstatus page.
It took the hosting provider two days to resolve these issues. Unfortunately, the solution was temporary, leading the company to collaborate with its suppliers to address these ongoing challenges.As of March 31st, the performance issues remained unresolved, and the company assured that they would work on a permanent fix as quickly as possible.
On April 1st, Yourhosting spoke of a DDoS attack for the first time.
What Happened?
In early April 2025, one of the Netherlands' most reputable hosting providers reported an unprecedented DDoS attack that overwhelmed its infrastructure. The attackers bombarded the company’s servers with hundreds of gigabits per second of malicious traffic, causing websites, email servers, and customer management portals to go offline for extended periods.
While the company has not officially disclosed the attackers’ identity or motive, the scale and sophistication of the attack suggest it was well-orchestrated and possibly state-sponsored or part of a ransom-based extortion attempt.
Get our DDoS simulation Service
Why to wait for DDoS, perform simulation on your environment with us
Impact on Clients and Services
The effects were far-reaching:
- Small businesses and e-commerce stores experienced major disruptions during peak hours, losing both revenue and customer trust.
- IT and SaaS providers relying on the hosting services were forced to notify their clients of outages beyond their control.
- Email and DNS resolution issues affected even those who weren’t directly hosted on the provider’s infrastructure.
For many, this incident exposed a single point of failure in their digital operations — an over-reliance on one hosting service without redundancy.
Technical Analysis of the DDoS Attack
DDoS (Distributed Denial of Service) attacks involve overwhelming a server or network with massive volumes of requests or data, typically from a botnet — a network of compromised computers and devices.
In this case, attackers employed a combination of:
- Volumetric attacks, which flood the bandwidth,
- Application-layer attacks, targeting specific services like HTTP, and
- DNS amplification, leveraging misconfigured DNS servers to send large payloads.
This multi-vector attack strategy made it difficult to mitigate quickly, even with DDoS protection in place.
Response and Mitigation
The hosting company immediately initiated emergency protocols:
- Partnered with upstream ISPs and DDoS mitigation services.
- Isolated and rerouted affected segments of its network.
- Worked with the Dutch National Cyber Security Centre (NCSC) for forensic analysis and future prevention.
Services were restored gradually, but the damage — especially reputational — was already done.
Lessons for Businesses and Hosting Providers
This attack is a stark reminder that cyber resilience is no longer optional. Some takeaways include:
1. Invest in DDoS Mitigation Solutions
Cloud-based solutions like Cloudflare, Akamai, or AWS Shield can absorb and filter malicious traffic before it reaches your servers.
2. Ensure Redundancy
Relying on a single hosting provider or datacenter can lead to total outages. Spread critical infrastructure across multiple providers and regions.
3. Implement Real-Time Monitoring
Detect anomalies early. Automated monitoring and alerts can reduce response time and impact.
4. Have an Incident Response Plan
Preparation makes all the difference. Train staff, rehearse simulations, and have recovery steps documented and accessible.
Conclusion
As DDoS attacks become cheaper and easier to execute — thanks to black-market botnet rentals and DDoS-as-a-Service offerings — companies of all sizes must elevate their cybersecurity posture.
The Dutch hosting company’s ordeal is a wake-up call for digital service providers globally: invest in resilience now, or risk being tomorrow’s headline.
DDoS Attack Cripples Dutch Hosting Company